BOOKMARK
PRINTScam
Scamming on Swine Flu
Wed, 12/02/2009 - 09:14 — Josh Bourne — PermalinkWe received an email recently to the company’s general contact address from a sender posing as the Center for Disease Control. The email stated that the reader needed to complete a person H1N1 Vaccination Profile on the CDC’s Web site, regardless of whether or not he or she has been vaccinated, because that profile would be used for a “registering system” of who had and had not been vaccinated. A link that supposedly led to the CDC Web site where the reader could create his or her profile was included at the bottom of the page.
To a trained eye, it is clear that the email was a phishing scam. Instead of the CDC Web site, the link actually led to online.cdc.gov.yhnbam.im - .IM is the ccTLD for Isle of Man, a small British Crown dependency located in the Irish Sea between the United Kingdom and Ireland. The site had been set up to trick Internet users into disclosing personal and financial information, which the site owner then steals.
I tried to follow the link to see just what kind of information the site was trying to obtain, but was instead greeted by a warning message that said, “This web site at online.cdc.gov.yhnbam.im has been reported as a web forgery and has been blocked based on your security preferences.”
Phishing has been and remains a very serious and dangerous problem online. What is truly despicable is how phishers exploit the public’s concern over issues in order to dupe them into handing over information. H1N1 remains a very worrisome and serious issue, especially here in the U.S., for cybercriminals to take advantage of people’s distress or fear is abhorrently opportunistic.
Be on the lookout if you receive this email. The sender appears as the CDC with the address info@cdcmails.com, so it may seem legitimate at first, but it is indeed a scam.
Scamming, Renewed
Wed, 10/07/2009 - 12:37 — Josh Bourne — PermalinkI received an email reminding me that the domain name truecostofcybersquatting.org had expired, and offering me the chance to renew it through a body called “ISP Renewal.” I found this odd, seeing as I had originally registered the domain with GoDaddy, and as far as I could tell, ISP Renewal had no affiliation with the registrar.
I did some more searching online and found that other people had received similar emails offering to renew recently expired domains. In each case, the renewal service had no ties to the registrar through which they had obtained the domain. And in almost every email, ISP Renewal was offering to renew the domain for around $80. One recipient of the email pointed out that ISP Renewal asks domain owners to give out their login information, which led him to believe that the group’s underlying goal is to steal the domains once it gains access.
Regardless of whether or not stealing domains is the ultimate goal, it is clear that these emails from ISP Renewal are a scam, and domain name owners should keep a wary eye out. It may not be immediately obvious that ISP Renewal is not a legitimate service. Do not be taken off guard if you have a domain name that has recently expired – acting quickly, without thinking, in order to avoid losing your domain plays right into ISP Renewal’s scheme.
We’re a lot smaller than the companies we serve, yet the various renewal scams that target FairWinds are the same scams that target bigger brands. We’re also targets of the same “tip” emails that frequently target bigger brands—these emails, which tend to come from China and Hong Kong, claim to give us a heads-up about ccTLDs containing our brand that will be registered to a third party unless we act quickly to register the domains ourselves. As a small company that specializes in domain names, we quickly ignore these sorts of scams, bigger companies can end up wasting a lot of time when people are forced to drop whatever they’re doing and reassure the CEO that there’s nothing to worry about and nothing that needs to be done.
It’s really remarkable how these scammers have the resources to target the tens of thousands of businesses in the world, from big companies to small businesses like FairWinds. They must be making an awful lot of money for this to be possible, and the registrars and resellers involved in these scams must really be raking in profits. I wonder just how much spam they will send and just how far the fraud will go before it is stopped. ICANN should address this behavior to do away with the bad actors and discourage registrars and registrar resellers from future bad behavior.
